topic Re: Security Audit Report Using Nipper tool in API / CLI Discussion

Security Audit Report Using Nipper tool

Veeraselvam_man — Sun, 21 Oct 2018 13:46:46 GMT

Currently I am using below configuration files to generate “Security Audit Report” using nipper tool:

objects.C
objects.C_41
objects_5_0.C
rules.C
rulebases.fws
rulebases_5_0.fws

is there any way to automate this using API?

note: nipper is a third party tool for generate security audit reports for firewalls.

Regards

Veera

Re: Security Audit Report Using Nipper tool

PhoneBoy — Mon, 22 Oct 2018 05:10:16 GMT

The information in these files is rules and objects, which of course could be obtained from the API.

You'd have to have something that calls the API in the right way and parse the resulting data.

Whether nipper is capable of doing that, I have no idea.

Re: Security Audit Report Using Nipper tool

Veeraselvam_man — Mon, 22 Oct 2018 08:36:05 GMT

Please suggest the API details to export those files, using that i will try to generate security audit report using the nipper tool.

Re: Security Audit Report Using Nipper tool

PhoneBoy — Mon, 22 Oct 2018 12:51:34 GMT

There are too many API calls to list.

I recommend reviewing the API documentation to ensure you are getting the data you are most interested in: Check Point - Management API reference

Either that or use the output of something like: Python tool for exporting/importing a policy package or parts of it‌

Re: Security Audit Report Using Nipper tool

Danny — Fri, 21 Jun 2019 08:59:30 GMT

As you can read on the Nipper Studio site "If you have any questions or need support when auditing any devices with our tool please get in touch: enquiries@titania.com". So you'd need to ask them. Personally I don't think they support recent Check Point version versions, such as R80.x Even in the past they just did very basic rulebase checking. For a real security audit report I recommend hiring Check Point professional services or a strong Check Point specialist.

On our community you could start by looking into these threads:

Check Point configuration mistakes - Top 10

https://community.checkpoint.com/message/8352-check-point-support-resources-top-10

Re: Security Audit Report Using Nipper tool

Veeraselvam_man — Fri, 16 Nov 2018 05:22:09 GMT

Thank you Dameon Welch-Abernathy‌, I exported nipper dependency files using "run-script" and "show-task" API calls.

Re: Security Audit Report Using Nipper tool

Zoran_Filipac — Sun, 13 Jan 2019 08:10:22 GMT

Veeraselvam, could you give more detail on how exactly you exported Nipper required files with "run script" and "show tasks" API commands ? This could be useful for auditing with Nipper since officially they do not support R80.x. anymore. Thanks.

Re: Security Audit Report Using Nipper tool

Veeraselvam_man — Sun, 13 Jan 2019 09:47:00 GMT

Checkpoint provided option to execute Linux commands using "run script" API option, that API call will return a task id, using "show task" API call with task id, we can get the executed command output.

Using above commands i downloaded the required files.

Regards

Veera

Re: Security Audit Report Using Nipper tool

PhoneBoy — Fri, 21 Jun 2019 08:59:32 GMT

Keep in mind those files are not considered the authoritative source of data in R80 and above.

There is also no guarantee those files will continue to exist in future versions.

Nipper should query our API directly to get the authoritative data.

If you just want to report on objects and data, see: https://community.checkpoint.com/docs/DOC-1974